Pakistani hackers dent Rajasthan's sites

JAIPUR: State government beware! Pakistani hackers are selectively hacking state government web portals. Since 2003, they have defaced 70 state government websites, 48 of them were hacked repeatedly exposing the poor handling capacity of web servers by state agencies.

Pakistani hackers who routinely attack Rajasthan's websites are Khantastic, Dr Den, Dr Neo, Dr Freak, The Ajan, ndh and Mafia Hacking Team among others who are on the prowl. TOI collected data from the web portal 'zone-h.net' here hackers' report the domain name of the hacked website and upload the screen shot of the hacked web portal. In fact, there are various forums created by hackers to boast about the number of websites they have hacked.

Cyber crime experts revealed that Pakistan hacker, Dr Freak was behind the hacking of the law department of Rajasthan website: www.lites.rajasthan.gov.in on November 19. The hacker posted remarks like 'Pakistan Zindabad' and other derogatory messages not suitable for publishing.

The law department website was defaced twice in the past. However, no date theft was reported but it shows the lax attitude of the concerned department failing to put in a security system. Another striking feature is that the main domain Rajasthan.gov.in was attacked four times since 2004.

Mukesh Chaudhary, a cyber crime expert working with Jaipur Police estimated that over 70% of government websites are vulnerable to cyber attacks as they were never audited by any competent agency.

His detailed study on hacked state web portals repeatedly by neighboring countrymen says that 'Pakistani hackers have uploaded a 'shell' on the vulnerable website to penetrate into the web server in order to extract information from the source'. Explaining the modus operendi, Chaudhary said, "Hackers write codes to exploit a particular type of vulnerability. These programmes called robots, continuously crawl over the internet," adding that even advance Google search options are used to find such sites on the Internet.

This also explains why institutes or websites which are not so famous also get hacked. The motive behind defacing state websites is still unclear and not a single case was reported wherein the hacker had steal information or changed information. A senior government official told TOI, "It is not necessary that the motive behind hacking is to steal data. Sometimes the hackers do it for fun." Source said the auditing of domain website was not done since 2007. Most of the websites created recently were not even audited once.